• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 20th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

Dyre Wolf malware bypasses 2FA Security, Manages to Steal $1million

April 4th, 2015 Waqas Malware 0 comments
Dyre Wolf malware bypasses 2FA Security, Manages to Steal $1million
Share on FacebookShare on Twitter

Dyre Wolf malware, a dynamic campaign has been discovered by researchers, which already has raked in more than $1 million. This latest campaign utilizes a combo of social engineering and malware.

The campaign has been dubbed as the Dyre Wolf campaign by IBM Security Researchers. According to them, this campaign targets businesses and firms that primarily perform wire transfers to pass huge sums of money. Even if the transactions are protected with the two-factor authentication, the malware can bypass it.

The campaign initiates with a large number of emails to trick people into downloading and installing Dyre. It is one of the numerous malware that was discovered in 2014.

dyre-wolf-malware-bypasses-2-factor-authentication-security-steals-1million

Image Source: Deviantart

IBM researchers observed that the Dyre versions remain undetected by almost all the anti-virus software currently available.

When Dyre is installed on a PC, it gets infected and sends out a massive number of emails to other users that are listed in the address book of the victim and after this, the malware waits. The rest of the process is comprehensively explained by John Kuhn and Lance Mueller, the IBM Security Intelligence researchers, in their blog post on Thursday:

“Once the infected victim tries to log in to one of the hundreds of bank websites for which Dyre is programmed to monitor, a new screen will appear instead of the corporate banking site. The page will explain the site is experiencing issues and that the victim should call the number provided to get help logging in.

dyre-wolf-malware-bypasses-2-factor-authentication-security-steals-1million-2

Image Source: IBM

One of the many interesting things with this campaign is that the attackers are bold enough to use the same phone number for each website and know when victims will call and which bank to answer as. This all results in successfully duping their victims into providing their organizations’ banking credentials.

As soon as the victim hangs up the phone, the wire transfer is complete. The money starts its journey and bounces from a foreign bank to a foreign bank to circumvent detection by the bank and law enforcement. One organization targeted with the campaign also experienced a DDoS. IBM assumes this was to distract it from finding the wire transfer until it was too late.”

Dyre Wolf campaign’s success highlights the fact that improved training is essential for employees so that they are able to spot malicious emails and suspicious tricks such as the aforementioned one.

  • Tags
  • Bank
  • Cyber Crime
  • Dyre Wolf Malware
  • Finance
  • IMB
  • Malware
  • Money
  • security
Facebook Twitter LinkedIn Pinterest
Previous article ‘Verify Your Email Account’, The Latest Phishing Scam to Emerge Online
Next article Android App Used by Hackers in Sex Extortion Campaigns
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
WhatsApp Pink is malware spreading through group chats

WhatsApp Pink is malware spreading through group chats

Unpatched MS Exchange servers hit by cryptojacking malware

Unpatched MS Exchange servers hit by cryptojacking malware

Android apps on APKPure store caught spreading malware

Android apps on APKPure store caught spreading malware

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Hackers claims to be selling 13tb of Domino’s India data
Hacking News

Hackers claims to be selling 13tb of Domino’s India data

WhatsApp Pink is malware spreading through group chats
Security

WhatsApp Pink is malware spreading through group chats

A hacker claims to be selling sensitive data from OTP generating firm
Hacking News

A hacker claims to be selling sensitive data from OTP generating firm

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us